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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the appUcation: 
Listing of Claims; 

1 . (Previously Presented) A method of managing assertions comprising the steps of: 

selling a pool of unallocated time available for assertions; 

upon request, generating an assertion between a name and a public key, the assertion 
having a lifetime, during which the assertion is usable to provide an indication that the public key 
is associated with the name, and subtracting the lifetime from the unallocated time; 

upon request, revoking an assertion and adding any remaining lifetime of the assertion to 
the unallocated time; and 

eroding the unallocated time over time, by continuously subtracting additional time from 
the unallocated time independently of subtracting the hfetime of the assertion from the 
unallocated time, to thereby prevent the unallocated time from being maintained indefinitely. 

2. (Cancelled) 

3. (Previously Presented) A computer implemented system for managing assertions between 
names and public keys, the system comprising: 

a repository containing an unallocated time, the unallocated time indicating an amoxmt of 
time available for assertions; 

a client interface; 

a purchase component operatively coupled to the client interface and to the repository, 
and adapted to add a bulk lifetime requested through the client interface to the unallocated time; 
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a request component operatively coupled to the client interface and to the repository, and 
adapted to, upon generation of an assertion between a name and a public key, the assertion 
having a lifetime requested through the client interface, deduct the requested lifetime from the 
unallocated time; and 

a revocation component operatively coupled to the client interface and to the repository 
and adapted to, upon revocation of an assertion having a remaining lifetime, add the remaining 
lifetime to the unallocated time, 

wherein at least one of the repository, the client interface, the purchase component, the 
request component, and the revocation component comprises a hardware component, and 

wherein the unallocated time is eroded over time, by continuously deducting additional 
time from the unallocated time independently of the request component deducting the requested 
lifetime from the unallocated time, to thereby prevent the unallocated time from being 
maintained indefinitely. 

4. (Original) The system of claim 3 wherein each assertion is a public key certificate. 

5. (Original) The system of claim 3 fiirther adapted to: 

monitor when the unallocated time falls below a threshold, and 

notify a user associated with the unallocated time if the unallocated time falls below the 
threshold. 

6. (Previously Presented) The system of claim 3 wherein the request component determines 
whether the requested lifetime is greater than the unallocated time, and if the requested lifetime is 
greater than the unallocated time, presents a user associated with the unallocated time with a set 
of options for remedying the insufficiency of the unallocated time. 
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7. (Previously Presented) A processing platform implemented method comprising the computer 
implemented steps of: 

maintaining an unallocated time, the unallocated time being time available for assertions 
between a name and a public key; 

accepting a request for an assertion between a name and a public key and a requested 
lifetime during which the assertion is usable to provide an indication that the public key is 
associated with the name; 

determining whether the unallocated time is greater than or equal to the requested 
lifetime; 

upon determining that the unallocated time is greater than or equal to the requested 
lifetime, deducting the requested lifetime from the unallocated time; and 

eroding the unallocated time over time, by continuously deducting additional time from 
the imallocated time independently of deducting the requested lifetime from the unallocated time, 
to thereby prevent the unallocated time from being maintained indefinitely. 

8. (Previously Presented) The method of claim 7 comprising the further step of forwarding the 
request for an assertion to an entity responsible for generating assertions where the unallocated 
time is greater than or equal to the requested lifetime. 

9. (Original) The method of claim 7 wherein the assertion is a pubUc key certificate. 

10. (Cancelled) 

1 1 . (Currently Amended) A processing platform implemented method comprising the computer 
implemented steps of: 
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maintaining an unallocated time, the unallocated time being time available for assertions, 
between a name and a public key; 

identifying, from a request for revocation, an assertion between a name and a public key 
to be revoked, the assertion having a remaining lifetime during which the assertion is usable to 
provide an indication that the public key is associated with the name; 

adding the remaining lifetime to the unallocated time; and 

eroding the unallocated time over time, by continuously deducting additional time from 
the unallocated time independently of deducting a Ufetime of an assertion from the imallocated 
time, to thereby prevent the unallocated time from being maintained indefinitely. 

12. (Original) The method of claim 1 1 wherein the assertion is a pubUc key certificate. 

13. (Cancelled) 

14. (Currently Amended) An article of manufacture comprising a computer-readable storage 
mediu m, the computer-readable storage medium containing instructions for: 

generating an entry in a repository, the entry including an unallocated time available for 
assertions; 

receiving a request for a purchase of bulk lifetime; 

adding the bulk Ufetime to the unallocated time in the event that a request for a purchase 
of bulk Ufetime is received; 

receiving a request for an assertion and a requested Ufetime, the assertion being between a 
name and a public key; 

deducting the requested Ufetime from the unallocated time in the event that a request for 
an assertion is received; 
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receiving an identification of an assertion to be revoked, the assertion having a remaining 
lifetime; 

adding the remaining Ufetime to the unallocated time in the event that an identification of 
an assertion to be revoked is received; and 

eroding the unallocated time over time, by continuously deducting additional time from 
the imallocated time independently of deducting the requested lifetime from the unallocated time, 
to thereby prevent the unallocated time from being maintained indefinitely. 

15. (Previously Presented) A computer implemented system for allocating assertions 
comprising: 

means for allocating a pool of xmallocated time available for assertion validity; 
a client interface; 

means for processing a request received through the client interface for an assertion 
between a name and a public key, the assertion having a Ufetime, the means for processing the 
request being operatively coupled to the cUent interface and to the means for allocating, and 
subtracting the Ufetime from the pool of unallocated time; 

means for processing a revocation of an existing assertion, the means for processing the 
revocation being operatively coupled to the means for allocating, and determining any remaining 
lifetime of the existing assertion and adding at least a portion of the remaining Ufetime of the 
assertion to the pool of unallocated time; and 

means for eroding the pool of unallocated time over time, the means for eroding the 
unallocated time being operatively coupled to the means for allocating, and continuously 
subtracting additional time from the pool of unallocated time independently of the means for 
processing a request subtracting the lifetime from the pool of unallocated time, to thereby prevent 
the pool of unallocated time from being maintained indefinitely^ 

wherein at least one of the means for allocating, the client interface, the means for 
processing a request, the means for processing a revocation, and the means for eroding the 
unallocated time comprises a hardware component. 
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16. (Previously Presented) The system of claim 15 further comprising: 

means for monitoring when the pool of unallocated time falls below a threshold, and for 
notifying a user associated with the pool of unallocated time if the pool of unallocated time falls 
below the threshold. 

17. (Previously Presented) A computer readable medium having instructions stored thereon for 
execution on a processing platform to execute a method comprising: 

selling a pool of unallocated time available for assertions; 

upon request, generating an assertion between a name and a public key, the assertion 
having a Ufetime, and subtracting the Ufetime from the pool of unallocated time; 

upon request, revoking an assertion and adding any remaining Ufetime of the assertion to 
the pool of unallocated time; and 

eroding the unallocated time over time, by continuously subtracting additional time from 
the unallocated time independently of subtracting the lifetime of the assertion from the pool of 
unallocated time, to thereby prevent the pool of unallocated time from being maintained 
indefinitely. 

18. (Cancelled) 

19. (Previously Presented) A computer readable medium having instructions stored thereon for 
execution on a processing platform to execute the method of claim 7. 

20. (Previously Presented) A computer readable medium having instructions stored thereon for 
execution on a processing platform to execute the method of claim 9. 



7 



Appl. No. 09/892,490 
21. (Cancelled) 



